♻️ Refactor and update CORS, remove trailing slash from new Pydantic v2 (#617)

src/.env

@@ -7,7 +7,7 @@ PROJECT_NAME="FastAPI Project"
 STACK_NAME=fastapi-project
 
 # Backend
-BACKEND_CORS_ORIGINS="[\"http://localhost\", \"http://localhost:4200\", \"http://localhost:3000\", \"http://localhost:8080\", \"https://localhost\", \"https://localhost:4200\", \"https://localhost:3000\", \"https://localhost:8080\", \"http://local.dockertoolbox.tiangolo.com\", \"http://localhost.tiangolo.com\"]"
+BACKEND_CORS_ORIGINS="http://localhost,http://localhost:5173,https://localhost,https://localhost:5173,http://localhost.tiangolo.com"
 SECRET_KEY=changethis
 FIRST_SUPERUSER=admin@example.com
 FIRST_SUPERUSER_PASSWORD=changethis

src/backend/app/core/config.py

@@ -16,12 +16,11 @@ class Settings(BaseSettings):
     SECRET_KEY: str = secrets.token_urlsafe(32)
     # 60 minutes * 24 hours * 8 days = 8 days
     ACCESS_TOKEN_EXPIRE_MINUTES: int = 60 * 24 * 8
-    SERVER_NAME: str
     SERVER_HOST: AnyHttpUrl
     # BACKEND_CORS_ORIGINS is a JSON-formatted list of origins
     # e.g: '["http://localhost", "http://localhost:4200", "http://localhost:3000", \
     # "http://localhost:8080", "http://local.dockertoolbox.tiangolo.com"]'
-    BACKEND_CORS_ORIGINS: list[AnyHttpUrl] = []
+    BACKEND_CORS_ORIGINS: list[AnyHttpUrl] | str = []
 
     @field_validator("BACKEND_CORS_ORIGINS", mode="before")
     @classmethod
@@ -38,7 +37,7 @@ class Settings(BaseSettings):
     @field_validator("SENTRY_DSN", mode="before")
     @classmethod
     def sentry_dsn_can_be_blank(cls, v: str) -> str | None:
-        if len(v) == 0:
+        if not v:
             return None
         return v
 
@@ -65,7 +64,8 @@ class Settings(BaseSettings):
     SMTP_HOST: str | None = None
     SMTP_USER: str | None = None
     SMTP_PASSWORD: str | None = None
-    EMAILS_FROM_EMAIL: str | None = None  #TODO: update type to EmailStr when sqlmodel supports it
+    # TODO: update type to EmailStr when sqlmodel supports it
+    EMAILS_FROM_EMAIL: str | None = None
     EMAILS_FROM_NAME: str | None = None
 
     @field_validator("EMAILS_FROM_NAME")
@@ -86,8 +86,10 @@ class Settings(BaseSettings):
             and info.data.get("EMAILS_FROM_EMAIL")
         )
 
-    EMAIL_TEST_USER: str = "test@example.com"  #TODO: update type to EmailStr when sqlmodel supports it
-    FIRST_SUPERUSER: str  #TODO: update type to EmailStr when sqlmodel supports it
+    # TODO: update type to EmailStr when sqlmodel supports it
+    EMAIL_TEST_USER: str = "test@example.com"
+    # TODO: update type to EmailStr when sqlmodel supports it
+    FIRST_SUPERUSER: str
     FIRST_SUPERUSER_PASSWORD: str
     USERS_OPEN_REGISTRATION: bool = False
     model_config = SettingsConfigDict(case_sensitive=True)

src/backend/app/main.py

@@ -20,7 +20,9 @@ app = FastAPI(
 if settings.BACKEND_CORS_ORIGINS:
     app.add_middleware(
         CORSMiddleware,
-        allow_origins=[str(origin) for origin in settings.BACKEND_CORS_ORIGINS],
+        allow_origins=[
+            str(origin).strip("/") for origin in settings.BACKEND_CORS_ORIGINS
+        ],
         allow_credentials=True,
         allow_methods=["*"],
         allow_headers=["*"],

src/docker-compose.yml

@@ -155,7 +155,6 @@ services:
     env_file:
       - .env
     environment:
-      - SERVER_NAME=${DOMAIN?Variable not set}
       - SERVER_HOST=https://${DOMAIN?Variable not set}
       # Allow explicit env var override for tests
       - SMTP_HOST=${SMTP_HOST?Variable not set}